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Data security arrangement 




(57) 


An automated teller machine includes a proc- 


face (37) The disk has at least one normal partition and 



essor (22) on a motherboard (32) with BIOS on ROM 
which allows operation of a hard disk (38) via an inter- 



includes a hidden security partition inaccessible under 
normal system control. Data relating thereto can be en- 
coded for security reasons. 
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Description 

[0001] The present invention relates to data security 
arrangements 

[0002] When handling data, for example, in a self 
service terminal such as an Automated Teller Machine 
(ATM), access needs to be restricted. When data is 
stored on a rotatable storage medium (e.g. a hard disk) 
there is a need to reduce the risk of unauthorized ac- 
cess. 

[0003] The present invention is concerned with assist - 
ing in providing such security. 

[0004] To this end, the invention consists in a security 
method for a rotatable storage device characterized by 
providing a hidden security partition in the device, and 
storing information on the position of the partition on the 
device in such a manner as to prevent access by normal 
system operation. 

[0005] In a preferred embodiment, the method is em- 
ployed in operating a self service terminal 
[0006] The invention also consists in a rotatable stor- 
age device having a storage sector for storing informa- 
tion on at least one storage partition and characterized 
by a hidden security partition located thereon and inac- 
cessible during normal system operation. 
[0007] In a preferred embodiment, the device is em- 
ployed in a self service terminal. 

[0008] In order that the present invention may be 
more readily understood, reference will now be made, 
by way of example, to the accompanying drawings, in 
which: - 

Figure 1 shows a known ATM system; 

Figure 2 shows the control system for the Figure 1 

arrangement; 

Figure 3 shows the processor control aspect of an 
ATM in more detail; 

Figure 4 shows a typical partition table sector asso- 
ciated with the hard disk of Figure 3; 
Figure 5 shows the inventive aspect of the hidden 
partition; and 

Figure 6 shows the store and access mechanisms 
respectively for the hidden partition. 

[0009] In the typical ATM arrangement of Figure 1 of 
the accompanying drawings, the ATM 10 is enclosed 
within a cabinet 1 1 and has customer utilization arrange- 
ments, such as a magnetic card input slot 1 2, a display 
screen 14, a keypad 16, a cash delivery slot 18 and a 
balance and/or payout slip delivery slot 19. 
[0010] The control system for the ATM 10 is shown in 
Figure 2 in which a processor 22 is connected to receive 
input from the card reader 12 and the keypad 16 and 
control the display 14 and cash counting and delivery 
system 26 connected to the cash delivery slot 18. A pa- 
per slip delivery system 20 is provided for dispensing a 
printed payout slip, account balance or the like, and is 
connected to the delivery slot 19 The processor is con- 



nected by a connector 24 to the central authorization 
system of the financial institution operating the ATM 10. 
[0011] In the Figure 2 arrangement it is necessary to 
access, handle and store data and the processor ar- 

5 rangement 22 is shown in more detail in Figure 3. Typ- 
ically the processor will include a number of components 
to allow the system to operate. The heart of the proces- 
sor will be a microprocessor chip 30 mounted on a moth- 
erboard 32. Input and output information/control will 

10 pass via an interface 34 and driving the display will be 
achieved by the display driver 35. Memory chips 33 
(RAM) provide immediate data handling capability. 
[0012] Other memory chips 36 (ROM) provide opera- 
tional information in permanent form. A disk interface 37 

is provides connection to a hard disk 38 through its disk 
controller (not shown separately). 
[0013] The devices, except the hard disk 38, are all 
shown mounted on the motherboard for simplicity, but 
some devices may be situated on separate cards 

20 mounted on the motherboard. 

[0014] A hard disk 38 provides large scale storage for 
the computer and will carry software to run the system 
as well as data regarding transactions and the like. The 
motherboard BIOS (Basic Input Output System) allows 

2S the system to operate correctly including hard disk op- 
eration. This BIOS is accessed at the commencement 
of the boot up program and the BIOS is typically held in 
the ROM 36 (and possibly partially in the disk controller). 

30 [0015] For the computer to bootstrap (boot) after in- 
ternal self checks, the ROM BIOS checks the hard drive 
at a specific location for 'system files' and reads data 
stored on the disk's first sector and copies this to RAM 
to allow the stored system files to be loaded into RAM. 
35 [0016] During the computer system operation, when 
data is to be read from a file, the operating system in- 
structs the hard disk controller to move the drive head 
to the drive's file allocation table (FAT) to determine 
where the start of that file begins so that the correct file 
40 j can be accessed. 

[0017] Security of information on ATMs is paramount 
to both the Financial Institutions and the customer in the 
street. To protect this information system/procedures re- 
quire to be in place to restrict/control access to the Sott- 
as ware and data present on the ATM's hard drive 38. This 
includes restricting system boot up if certain security cri- 
terion are not met. 

[0018] During the normal software initialization of a 
hard disk, partitions are laid down in the first sector of a 
50 disk, known as the Partition Table Sector. Within this first 
sector there is a defined area called the Partition Table 
where up to four 1 6 byte partition entries can be written. 
This information details where each partition is located 
on the disk, how big it is and whether the partition can 
55 be used to boot the system. The Motherboard BIOS 
within the system indexes into this Partition Table to find 
the boot partition and then loads the boot sector code 
pointed to by the boot partition and subsequently loads 
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the system software. A typical Partition Table Sector 
from a disk is shown in Figure 4. 

[0019] The Partition Table Sector has a storage ca- 
pacity of 16 x 32 (512 bytes). The bootstrap code is at 
the beginning (commencing at address 00000000) with s 
Partition Table entries towards the end of the sector. 
Each Partition Table entry requires 16 bytes of data. As 
illustrated the first Partition Table entry (shown in bold) 
commences as address 000001 B0. Up to four partitions 
may be required on large disks and each 16 byte entry io 
can follow on from each other up to the end of the sector. 
Thereafter bytes '55 AA* denote to the computer BIOS 
that the Partition Table contains valid data 
[0020] With the present invention, a Security Partition 
is included above the area where the standard partition is 
entry information is placed, utilizing space within the 
Partition Table Sector, so that it will not be recognized 
by the normal operating system as a hidden partition. 
[0021] The Security Partition data details the where- 
abouts of the special hidden partition on the disk. Since 20 
Operating Systems currently only use the defined Par- 
tition Table area to detail partition information, the Se- 
curity Partition would be unknown and therefore inac- 
cessible to other users. The Security Partition details 
can also be encoded such that it was not obvious that 25 
the data was describing a hidden disk partition. This hid- 
den partition can then contain proprietary code and in- 
formation used to implement secure access to the sys- 
tem software and data. 

[0022] Figure 5 again shows a partition table but it 30 
now includes hidden Security Partition data within the 
Partition Table Sector. The normal partition information 
is again written at address 000001 B0. However, unused 
space above the area recognized as giving partition in- 
formation is employed for security partition data. In this 35 
example the offset address 00000160 is used and data 
indicative of the partition is stored (shows as XX bytes). 
Only knowledge of the offset of the hidden Security Par- 
tition data entry within the Partition Table Sector and the 
encoding algorithm would allow the hidden partition to 40 
be found. 

[0023] Hence, to set up the Security Partition, the ap- 
propriate partition defining information can be laid down 
at the offset address by means of the steps shown in 
Figure 6a. Access can be made using the steps shown 45 
in Figure 6b, which is outside the accessibility of the nor- 
mal operating system. 

[0024] During installation of the ATM build suite, the 
Partition Table Sector would be written with the encoded 
hidden Security Partition. Only the manufacturer's pro- so 
prietary software/firmware would have knowledge of the 
encoding algorithm and the offset address of the hidden 
partition data. The software load of data onto the disk 
could include loading any security information into the 
hidden partition on the disk, access to which would only 55 
be achieved through special proprietary software and 
firmware routines. The motherboard BIOS could also be 
modified to include special routines to access the hidden 



4 

partition to validate security data before allowing the 
system to boot. 

[0025] Hence, this additional security measure re- 
stricts/controls access to the software and data on the 
hard disk and includes restricting system boot up if cer- 
tain security requirements are not met. 
[0026] In the arrangement shown in Figure 3, the disk 
38 is an IDU disk. In a variation, for use with an SCSI 
disk, the disk interface 37 is replaced by an SCSI con- 
troller. J 



Claims 

1. A security method for a rotatable storage device 
(38), characterised by the steps of providing a hid- 
den security partition in the device, and storing in- 
formation on the position of the hidden partition on 
the device in such a manner as to prevent access 
by normal system operation. 

2. A method according to claim 1 , characterised in that 
the hidden partition position information is stored at 
a location remote from information relating to any 
non-security partition. 

3. A method according to claim 1 or 2, characterised 
in that the hidden partition position information is 
stored in a partition table at a location away from 
other non-security partition information within the 
same partition table. 

4. A method according to claim 1 , 2 or 3, characterised 
in that the information on the hidden partition is se- 
curity encoded prior to storage to prevent interpre- 
tation even when subject to unauthorized access. 

5. A method according to any preceding claim, char- 
acterised in that the method is utilised in the oper- 

j ation of a self-service terminal having a rotatable 
storage device. 

6. A rotatable storage device (38) comprising a stor- 
age sector for storing information on at least one 
storage partition, characterised in that the storage 
sector has a hidden security partition located ther- 
eon and inaccessible during normal system opera - 
lion. 

7. A rotatable storage device according to claim 6, 
characterised in that position information on the hid- 
den security partition is stored at a location remote 
from information relating to any non-security parti- 
tions. 

8. A rotatable store device according to claim 6 or 7 , 
characterised in that information on the hidden se- 
curity partition is security encoded to prevent inter- 
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pretation in the event that it is subject to unauthor- 
ized access. 

9. A self-service terminal comprising a processor (22), 

a display (14) and a dispenser (26) operable in re- s 
sponse to an authorized user request, character- 
ised by a rotatable storage device (38) as claimed 
in claim 6, 7 or 8. 

10. A self-service terminal according to claim 9, char- *0 
acterised in that the self-service terminal comprises 

an automated teller machine and the dispenser ( 1 8) 
is operable to dispense cash in response to an au- 
thorized user request 
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